Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Strange disconnects when opnsense has a static route to another router
« previous
next »
Print
Pages: [
1
]
Author
Topic: Strange disconnects when opnsense has a static route to another router (Read 622 times)
ivarh
Newbie
Posts: 8
Karma: 0
Strange disconnects when opnsense has a static route to another router
«
on:
March 05, 2024, 11:15:04 am »
I have created a gateway in System->Gateways with the default options for the lan interface and the ip of the other router.
It comes up as online in the gateway status.
I then create a static route for a subnet on the other side of that router with the gateway as the gateway
I can connect but the connections dies after a short while. if I add a route on the client machine to this gateway directly the connection is rock solid.
Also if I add the route to the client after a connection has frozen the connection resumes. Is there a time limit for how long opnsense will forward packets to the internal gateway for each connection?
Logged
Saarbremer
Sr. Member
Posts: 353
Karma: 14
Re: Strange disconnects when opnsense has a static route to another router
«
Reply #1 on:
March 05, 2024, 11:24:12 am »
You probably created the fatal triangle of asymmetric routing. From what I understand your client and the new gateway are in the same network segment.
That means that answers from the gateway may get back to your host directly. The evenautally dying connection would originate at the removed firewall states on OPNsense. They time out as there's no return traffic to keep the TCP connection open.
You can either create a new network segment (VLAN) to connect OPNsense and your other router in it or you need to configure all clients with appropriate routes to the non-default gateway. This is host dependent. There is a way to configure it using DHCP option 33 but in my experience this usually does not work as expected (again host-dependent).
Logged
ivarh
Newbie
Posts: 8
Karma: 0
Re: Strange disconnects when opnsense has a static route to another router
«
Reply #2 on:
March 05, 2024, 03:09:52 pm »
I did try using a wireguard tunnel between my opnsense internet-facing router and my pfsense lab router, but it suffered the same problems with disconnections.
However, using a VLAN solved the problem. I have no idea why the wireguard tunnel solution did not work.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Strange disconnects when opnsense has a static route to another router